Closes #69: Save and display originating user in audit log

docs-core/src/main/java/com/sismics/docs/core/dao/jpa/AclDao.java

@@ -26,10 +26,11 @@ public class AclDao {
      * Creates a new ACL.
      * 
      * @param acl ACL
+     * @param userId User ID
      * @return New ID
      * @throws Exception
      */
-    public String create(Acl acl) {
+    public String create(Acl acl, String userId) {
         // Create the UUID
         acl.setId(UUID.randomUUID().toString());
         
@@ -38,7 +39,7 @@ public class AclDao {
         em.persist(acl);
         
         // Create audit log
-        AuditLogUtil.create(acl, AuditLogType.CREATE);
+        AuditLogUtil.create(acl, AuditLogType.CREATE, userId);
         
         return acl.getId();
     }
@@ -125,9 +126,10 @@ public class AclDao {
      * @param sourceId Source ID
      * @param perm Permission
      * @param targetId Target ID
+     * @param userId User ID
      */
     @SuppressWarnings("unchecked")
-    public void delete(String sourceId, PermType perm, String targetId) {
+    public void delete(String sourceId, PermType perm, String targetId, String userId) {
         EntityManager em = ThreadLocalContext.get().getEntityManager();
         
         // Create audit log
@@ -137,7 +139,7 @@ public class AclDao {
         q.setParameter("targetId", targetId);
         List<Acl> aclList = q.getResultList();
         for (Acl acl : aclList) {
-            AuditLogUtil.create(acl, AuditLogType.DELETE);
+            AuditLogUtil.create(acl, AuditLogType.DELETE, userId);
         }
         
         // Soft delete the ACLs

docs-core/src/main/java/com/sismics/docs/core/dao/jpa/AuditLogDao.java

@@ -59,12 +59,13 @@ public class AuditLogDao {
     public void findByCriteria(PaginatedList<AuditLogDto> paginatedList, AuditLogCriteria criteria, SortCriteria sortCriteria) throws Exception {
         Map<String, Object> parameterMap = new HashMap<String, Object>();
         
-        String baseQuery = "select l.LOG_ID_C c0, l.LOG_CREATEDATE_D c1, l.LOG_IDENTITY_C c2, l.LOG_CLASSENTITY_C c3, l.LOG_TYPE_C c4, l.LOG_MESSAGE_C c5 from T_AUDIT_LOG l ";
+        StringBuilder baseQuery = new StringBuilder("select l.LOG_ID_C c0, l.LOG_CREATEDATE_D c1, u.USE_USERNAME_C c2, l.LOG_IDENTITY_C c3, l.LOG_CLASSENTITY_C c4, l.LOG_TYPE_C c5, l.LOG_MESSAGE_C c6 from T_AUDIT_LOG l ");
+        baseQuery.append(" join T_USER u on l.LOG_IDUSER_C = u.USE_ID_C ");
         List<String> queries = Lists.newArrayList();
         
         // Adds search criteria
         if (criteria.getDocumentId() != null) {
-            // ACL on document is not checked here, it's assumed
+            // ACL on document is not checked here, rights have been checked before
             queries.add(baseQuery + " where l.LOG_IDENTITY_C = :documentId ");
             queries.add(baseQuery + " where l.LOG_IDENTITY_C in (select f.FIL_ID_C from T_FILE f where f.FIL_IDDOC_C = :documentId) ");
             queries.add(baseQuery + " where l.LOG_IDENTITY_C in (select c.COM_ID_C from T_COMMENT c where c.COM_IDDOC_C = :documentId) ");
@@ -73,11 +74,9 @@ public class AuditLogDao {
         }
         
         if (criteria.getUserId() != null) {
-            queries.add(baseQuery + " where l.LOG_IDENTITY_C = :userId ");
+            // Get all logs originating from the user, not necessarly on owned items
-            queries.add(baseQuery + " where l.LOG_IDENTITY_C in (select t.TAG_ID_C from T_TAG t where t.TAG_IDUSER_C = :userId) ");
+            // Filter out ACL logs
-            // Show only logs from owned documents, ACL are lost on delete
+            queries.add(baseQuery + " where l.LOG_IDUSER_C = :userId and l.LOG_CLASSENTITY_C != 'Acl' ");
-            queries.add(baseQuery + " where l.LOG_IDENTITY_C in (select d.DOC_ID_C from T_DOCUMENT d where d.DOC_IDUSER_C = :userId) ");
-            queries.add(baseQuery + " where l.LOG_IDENTITY_C in (select c.COM_ID_C from T_COMMENT c where c.COM_IDUSER_C = :userId) ");
             parameterMap.put("userId", criteria.getUserId());
         }
         
@@ -92,6 +91,7 @@ public class AuditLogDao {
             AuditLogDto auditLogDto = new AuditLogDto();
             auditLogDto.setId((String) o[i++]);
             auditLogDto.setCreateTimestamp(((Timestamp) o[i++]).getTime());
+            auditLogDto.setUsername((String) o[i++]);
             auditLogDto.setEntityId((String) o[i++]);
             auditLogDto.setEntityClass((String) o[i++]);
             auditLogDto.setType(AuditLogType.valueOf((String) o[i++]));

docs-core/src/main/java/com/sismics/docs/core/dao/jpa/CommentDao.java

@@ -26,10 +26,11 @@ public class CommentDao {
      * Creates a new comment.
      * 
      * @param comment Comment
+     * @param userId User ID
      * @return New ID
      * @throws Exception
      */
-    public String create(Comment comment) {
+    public String create(Comment comment, String userId) {
         // Create the UUID
         comment.setId(UUID.randomUUID().toString());
         
@@ -39,7 +40,7 @@ public class CommentDao {
         em.persist(comment);
         
         // Create audit log
-        AuditLogUtil.create(comment, AuditLogType.CREATE);
+        AuditLogUtil.create(comment, AuditLogType.CREATE, userId);
         
         return comment.getId();
     }
@@ -48,8 +49,9 @@ public class CommentDao {
      * Deletes a comment.
      * 
      * @param id Comment ID
+     * @param userId User ID
      */
-    public void delete(String id) {
+    public void delete(String id, String userId) {
         EntityManager em = ThreadLocalContext.get().getEntityManager();
             
         // Get the comment
@@ -62,7 +64,7 @@ public class CommentDao {
         commentDb.setDeleteDate(dateNow);
 
         // Create audit log
-        AuditLogUtil.create(commentDb, AuditLogType.DELETE);
+        AuditLogUtil.create(commentDb, AuditLogType.DELETE, userId);
     }
     
     /**

docs-core/src/main/java/com/sismics/docs/core/dao/jpa/DocumentDao.java

@@ -38,10 +38,11 @@ public class DocumentDao {
      * Creates a new document.
      * 
      * @param document Document
+     * @param userId User ID
      * @return New ID
      * @throws Exception
      */
-    public String create(Document document) {
+    public String create(Document document, String userId) {
         // Create the UUID
         document.setId(UUID.randomUUID().toString());
         
@@ -50,7 +51,7 @@ public class DocumentDao {
         em.persist(document);
         
         // Create audit log
-        AuditLogUtil.create(document, AuditLogType.CREATE);
+        AuditLogUtil.create(document, AuditLogType.CREATE, userId);
         
         return document.getId();
     }
@@ -152,8 +153,9 @@ public class DocumentDao {
      * Deletes a document.
      * 
      * @param id Document ID
+     * @param userId User ID
      */
-    public void delete(String id) {
+    public void delete(String id, String userId) {
         EntityManager em = ThreadLocalContext.get().getEntityManager();
             
         // Get the document
@@ -182,7 +184,7 @@ public class DocumentDao {
         q.executeUpdate();
         
         // Create audit log
-        AuditLogUtil.create(documentDb, AuditLogType.DELETE);
+        AuditLogUtil.create(documentDb, AuditLogType.DELETE, userId);
     }
     
     /**
@@ -291,9 +293,10 @@ public class DocumentDao {
      * Update a document.
      * 
      * @param document Document to update
+     * @param userId User ID
      * @return Updated document
      */
-    public Document update(Document document) {
+    public Document update(Document document, String userId) {
         EntityManager em = ThreadLocalContext.get().getEntityManager();
         
         // Get the document
@@ -316,7 +319,7 @@ public class DocumentDao {
         documentFromDb.setLanguage(document.getLanguage());
         
         // Create audit log
-        AuditLogUtil.create(documentFromDb, AuditLogType.UPDATE);
+        AuditLogUtil.create(documentFromDb, AuditLogType.UPDATE, userId);
         
         return documentFromDb;
     }

docs-core/src/main/java/com/sismics/docs/core/dao/jpa/FileDao.java

@@ -23,10 +23,11 @@ public class FileDao {
      * Creates a new file.
      * 
      * @param file File
+     * @param userId User ID
      * @return New ID
      * @throws Exception
      */
-    public String create(File file) {
+    public String create(File file, String userId) {
         // Create the UUID
         file.setId(UUID.randomUUID().toString());
         
@@ -36,7 +37,7 @@ public class FileDao {
         em.persist(file);
         
         // Create audit log
-        AuditLogUtil.create(file, AuditLogType.CREATE);
+        AuditLogUtil.create(file, AuditLogType.CREATE, userId);
         
         return file.getId();
     }
@@ -107,8 +108,9 @@ public class FileDao {
      * Deletes a file.
      * 
      * @param id File ID
+     * @param userId User ID
      */
-    public void delete(String id) {
+    public void delete(String id, String userId) {
         EntityManager em = ThreadLocalContext.get().getEntityManager();
             
         // Get the file
@@ -121,7 +123,7 @@ public class FileDao {
         fileDb.setDeleteDate(dateNow);
         
         // Create audit log
-        AuditLogUtil.create(fileDb, AuditLogType.DELETE);
+        AuditLogUtil.create(fileDb, AuditLogType.DELETE, userId);
     }
     
     /**

docs-core/src/main/java/com/sismics/docs/core/dao/jpa/TagDao.java

@@ -170,10 +170,11 @@ public class TagDao {
      * Creates a new tag.
      * 
      * @param tag Tag
+     * @param userId User ID
      * @return New ID
      * @throws Exception
      */
-    public String create(Tag tag) {
+    public String create(Tag tag, String userId) {
         // Create the UUID
         tag.setId(UUID.randomUUID().toString());
         
@@ -183,7 +184,7 @@ public class TagDao {
         em.persist(tag);
         
         // Create audit log
-        AuditLogUtil.create(tag, AuditLogType.CREATE);
+        AuditLogUtil.create(tag, AuditLogType.CREATE, userId);
         
         return tag.getId();
     }
@@ -230,8 +231,9 @@ public class TagDao {
      * Deletes a tag.
      * 
      * @param tagId Tag ID
+     * @param userId User ID
      */
-    public void delete(String tagId) {
+    public void delete(String tagId, String userId) {
         EntityManager em = ThreadLocalContext.get().getEntityManager();
             
         // Get the tag
@@ -250,7 +252,7 @@ public class TagDao {
         q.executeUpdate();
         
         // Create audit log
-        AuditLogUtil.create(tagDb, AuditLogType.DELETE);
+        AuditLogUtil.create(tagDb, AuditLogType.DELETE, userId);
     }
 
     /**
@@ -272,9 +274,10 @@ public class TagDao {
      * Update a tag.
      * 
      * @param tag Tag to update
+     * @param userId User ID
      * @return Updated tag
      */
-    public Tag update(Tag tag) {
+    public Tag update(Tag tag, String userId) {
         EntityManager em = ThreadLocalContext.get().getEntityManager();
         
         // Get the tag
@@ -288,7 +291,7 @@ public class TagDao {
         tagFromDb.setParentId(tag.getParentId());
         
         // Create audit log
-        AuditLogUtil.create(tagFromDb, AuditLogType.UPDATE);
+        AuditLogUtil.create(tagFromDb, AuditLogType.UPDATE, userId);
         
         return tagFromDb;
     }

docs-core/src/main/java/com/sismics/docs/core/dao/jpa/UserDao.java

@@ -58,10 +58,11 @@ public class UserDao {
      * Creates a new user.
      * 
      * @param user User to create
+     * @param userId User ID
      * @return User ID
      * @throws Exception
      */
-    public String create(User user) throws Exception {
+    public String create(User user, String userId) throws Exception {
         // Create the user UUID
         user.setId(UUID.randomUUID().toString());
         
@@ -80,7 +81,7 @@ public class UserDao {
         em.persist(user);
         
         // Create audit log
-        AuditLogUtil.create(user, AuditLogType.CREATE);
+        AuditLogUtil.create(user, AuditLogType.CREATE, userId);
         
         return user.getId();
     }
@@ -89,9 +90,10 @@ public class UserDao {
      * Updates a user.
      * 
      * @param user User to update
+     * @param userId User ID
      * @return Updated user
      */
-    public User update(User user) {
+    public User update(User user, String userId) {
         EntityManager em = ThreadLocalContext.get().getEntityManager();
         
         // Get the user
@@ -99,13 +101,13 @@ public class UserDao {
         q.setParameter("id", user.getId());
         User userFromDb = (User) q.getSingleResult();
 
-        // Update the user
+        // Update the user (except password)
         userFromDb.setEmail(user.getEmail());
         userFromDb.setStorageQuota(user.getStorageQuota());
         userFromDb.setStorageCurrent(user.getStorageCurrent());
         
         // Create audit log
-        AuditLogUtil.create(userFromDb, AuditLogType.UPDATE);
+        AuditLogUtil.create(userFromDb, AuditLogType.UPDATE, userId);
         
         return user;
     }
@@ -134,9 +136,10 @@ public class UserDao {
      * Update the user password.
      * 
      * @param user User to update
+     * @param userId User ID
      * @return Updated user
      */
-    public User updatePassword(User user) {
+    public User updatePassword(User user, String userId) {
         EntityManager em = ThreadLocalContext.get().getEntityManager();
         
         // Get the user
@@ -148,7 +151,7 @@ public class UserDao {
         userFromDb.setPassword(hashPassword(user.getPassword()));
         
         // Create audit log
-        AuditLogUtil.create(userFromDb, AuditLogType.UPDATE);
+        AuditLogUtil.create(userFromDb, AuditLogType.UPDATE, userId);
         
         return user;
     }
@@ -206,8 +209,9 @@ public class UserDao {
      * Deletes a user.
      * 
      * @param username User's username
+     * @param userId User ID
      */
-    public void delete(String username) {
+    public void delete(String username, String userId) {
         EntityManager em = ThreadLocalContext.get().getEntityManager();
             
         // Get the user
@@ -245,7 +249,7 @@ public class UserDao {
         q.executeUpdate();
         
         // Create audit log
-        AuditLogUtil.create(userFromDb, AuditLogType.DELETE);
+        AuditLogUtil.create(userFromDb, AuditLogType.DELETE, userId);
     }
 
     /**

docs-core/src/main/java/com/sismics/docs/core/dao/jpa/dto/AclDto.java

@@ -1,7 +1,5 @@
 package com.sismics.docs.core.dao.jpa.dto;
 
-import javax.persistence.Id;
-
 import com.sismics.docs.core.constant.PermType;
 
 /**
@@ -13,7 +11,6 @@ public class AclDto {
     /**
      * Acl ID.
      */
-    @Id
     private String id;
     
     /**

docs-core/src/main/java/com/sismics/docs/core/dao/jpa/dto/AuditLogDto.java

@@ -1,7 +1,5 @@
 package com.sismics.docs.core.dao.jpa.dto;
 
-import javax.persistence.Id;
-
 import com.sismics.docs.core.constant.AuditLogType;
 
 /**
@@ -13,9 +11,13 @@ public class AuditLogDto {
     /**
      * Audit log ID.
      */
-    @Id
     private String id;
     
+    /**
+     * Username.
+     */
+    private String username;
+    
     /**
      * Entity ID.
      */
@@ -49,6 +51,14 @@ public class AuditLogDto {
         this.id = id;
     }
     
+    public String getUsername() {
+        return username;
+    }
+
+    public void setUsername(String username) {
+        this.username = username;
+    }
+
     public String getEntityId() {
         return entityId;
     }

docs-core/src/main/java/com/sismics/docs/core/dao/jpa/dto/CommentDto.java

@@ -1,7 +1,5 @@
 package com.sismics.docs.core.dao.jpa.dto;
 
-import javax.persistence.Id;
-
 /**
  * Comment DTO.
  *
@@ -11,7 +9,6 @@ public class CommentDto {
     /**
      * Comment ID.
      */
-    @Id
     private String id;
     
     /**

docs-core/src/main/java/com/sismics/docs/core/dao/jpa/dto/DocumentDto.java

@@ -1,7 +1,5 @@
 package com.sismics.docs.core.dao.jpa.dto;
 
-import javax.persistence.Id;
-
 /**
  * Document DTO.
  *
@@ -11,7 +9,6 @@ public class DocumentDto {
     /**
      * Document ID.
      */
-    @Id
     private String id;
     
     /**

docs-core/src/main/java/com/sismics/docs/core/dao/jpa/dto/TagDto.java

@@ -1,7 +1,5 @@
 package com.sismics.docs.core.dao.jpa.dto;
 
-import javax.persistence.Id;
-
 /**
  * Tag DTO.
  *
@@ -11,7 +9,6 @@ public class TagDto {
     /**
      * Tag ID.
      */
-    @Id
     private String id;
     
     /**

docs-core/src/main/java/com/sismics/docs/core/dao/jpa/dto/UserDto.java

@@ -37,69 +37,38 @@ public class UserDto {
      */
     private Long storageCurrent;
     
-    /**
-     * Getter of id.
-     *
-     * @return id
-     */
     public String getId() {
         return id;
     }
 
-    /**
-     * Setter of id.
-     *
-     * @param id id
-     */
     public void setId(String id) {
         this.id = id;
     }
 
-    /**
-     * Getter of username.
-     *
-     * @return username
-     */
     public String getUsername() {
         return username;
     }
 
-    /**
-     * Setter of username.
-     *
-     * @param username username
-     */
     public void setUsername(String username) {
         this.username = username;
     }
 
-    /**
-     * Getter of email.
-     *
-     * @return email
-     */
     public String getEmail() {
         return email;
     }
 
-    /**
-     * Setter of email.
-     *
-     * @param email email
-     */
     public void setEmail(String email) {
         this.email = email;
     }
 
-    /**
-     * Getter of createTimestamp.
-     *
-     * @return createTimestamp
-     */
     public Long getCreateTimestamp() {
         return createTimestamp;
     }
     
+    public void setCreateTimestamp(Long createTimestamp) {
+        this.createTimestamp = createTimestamp;
+    }
+    
     public Long getStorageQuota() {
         return storageQuota;
     }
@@ -115,13 +84,4 @@ public class UserDto {
     public void setStorageCurrent(Long storageCurrent) {
         this.storageCurrent = storageCurrent;
     }
-
-    /**
-     * Setter of createTimestamp.
-     *
-     * @param createTimestamp createTimestamp
-     */
-    public void setCreateTimestamp(Long createTimestamp) {
-        this.createTimestamp = createTimestamp;
-    }
 }

docs-core/src/main/java/com/sismics/docs/core/model/jpa/AuditLog.java

@@ -27,6 +27,12 @@ public class AuditLog {
     @Column(name = "LOG_ID_C", length = 36)
     private String id;
     
+    /**
+     * User ID.
+     */
+    @Column(name = "LOG_IDUSER_C", nullable = false, length = 36)
+    private String userId;
+    
     /**
      * Entity ID.
      */
@@ -66,6 +72,14 @@ public class AuditLog {
         this.id = id;
     }
 
+    public String getUserId() {
+        return userId;
+    }
+
+    public void setUserId(String userId) {
+        this.userId = userId;
+    }
+
     public String getEntityId() {
         return entityId;
     }

docs-core/src/main/java/com/sismics/docs/core/util/AuditLogUtil.java

@@ -20,7 +20,7 @@ public class AuditLogUtil {
      * @param entity Entity
      * @param type Audit log type
      */
-    public static void create(Loggable loggable, AuditLogType type) {
+    public static void create(Loggable loggable, AuditLogType type, String userId) {
         // Get the entity ID
         EntityManager em = ThreadLocalContext.get().getEntityManager();
         String entityId = (String) em.getEntityManagerFactory().getPersistenceUnitUtil().getIdentifier(loggable);
@@ -28,6 +28,7 @@ public class AuditLogUtil {
         // Create the audit log
         AuditLogDao auditLogDao = new AuditLogDao();
         AuditLog auditLog = new AuditLog();
+        auditLog.setUserId(userId);
         auditLog.setEntityId(entityId);
         auditLog.setEntityClass(loggable.getClass().getSimpleName());
         auditLog.setType(type);

docs-core/src/main/resources/db/update/dbupdate-006-0.sql

@@ -6,6 +6,8 @@ alter table T_DOCUMENT add column DOC_SOURCE_C varchar(500);
 alter table T_DOCUMENT add column DOC_TYPE_C varchar(500);
 alter table T_DOCUMENT add column DOC_COVERAGE_C varchar(500);
 alter table T_DOCUMENT add column DOC_RIGHTS_C varchar(500);
+alter table T_AUDIT_LOG add column LOG_IDUSER_C varchar(36) not null default 'admin';
+
 create memory table T_VOCABULARY ( VOC_ID_C varchar(36) not null, VOC_NAME_C varchar(50) not null, VOC_VALUE_C varchar(500) not null, VOC_ORDER_N int not null, primary key (VOC_ID_C) );
 
 insert into T_VOCABULARY(VOC_ID_C, VOC_NAME_C, VOC_VALUE_C, VOC_ORDER_N) values('type-collection', 'type', 'Collection', 0);

docs-core/src/test/java/com/sismics/docs/core/dao/jpa/TestJpa.java

@@ -23,7 +23,7 @@ public class TestJpa extends BaseTransactionalTest {
         user.setStorageCurrent(0l);
         user.setStorageQuota(10l);
         user.setPrivateKey("AwesomePrivateKey");
-        String id = userDao.create(user);
+        String id = userDao.create(user, "me");
         
         TransactionUtil.commit();
 

docs-web/src/main/java/com/sismics/docs/rest/resource/AclResource.java

@@ -77,7 +77,7 @@ public class AclResource extends BaseResource {
         
         // Avoid duplicates
         if (!aclDao.checkPermission(acl.getSourceId(), acl.getPerm(), acl.getTargetId())) {
-            aclDao.create(acl);
+            aclDao.create(acl, principal.getId());
             
             // Returns the ACL
             JsonObjectBuilder response = Json.createObjectBuilder()
@@ -126,7 +126,7 @@ public class AclResource extends BaseResource {
         }
         
         // Delete the ACL
-        aclDao.delete(sourceId, perm, targetId);
+        aclDao.delete(sourceId, perm, targetId, principal.getId());
         
         // Always return OK
         JsonObjectBuilder response = Json.createObjectBuilder()

docs-web/src/main/java/com/sismics/docs/rest/resource/AuditLogResource.java

@@ -68,6 +68,7 @@ public class AuditLogResource extends BaseResource {
         for (AuditLogDto auditLogDto : paginatedList.getResultList()) {
             logs.add(Json.createObjectBuilder()
                     .add("id", auditLogDto.getId())
+                    .add("username", auditLogDto.getUsername())
                     .add("target", auditLogDto.getEntityId())
                     .add("class", auditLogDto.getEntityClass())
                     .add("type", auditLogDto.getType().name())

docs-web/src/main/java/com/sismics/docs/rest/resource/CommentResource.java

@@ -61,7 +61,7 @@ public class CommentResource extends BaseResource {
         comment.setContent(content);
         comment.setUserId(principal.getId());
         CommentDao commentDao = new CommentDao();
-        commentDao.create(comment);
+        commentDao.create(comment, principal.getId());
         
         // Returns the comment
         JsonObjectBuilder response = Json.createObjectBuilder()
@@ -103,7 +103,7 @@ public class CommentResource extends BaseResource {
         }
         
         // Delete the comment
-        commentDao.delete(id);
+        commentDao.delete(id, principal.getId());
         
         // Always return OK
         JsonObjectBuilder response = Json.createObjectBuilder()

docs-web/src/main/java/com/sismics/docs/rest/resource/DocumentResource.java

@@ -449,7 +449,7 @@ public class DocumentResource extends BaseResource {
         } else {
             document.setCreateDate(createDate);
         }
-        String documentId = documentDao.create(document);
+        String documentId = documentDao.create(document, principal.getId());
         
         // Create read ACL
         AclDao aclDao = new AclDao();
@@ -457,14 +457,14 @@ public class DocumentResource extends BaseResource {
         acl.setPerm(PermType.READ);
         acl.setSourceId(documentId);
         acl.setTargetId(principal.getId());
-        aclDao.create(acl);
+        aclDao.create(acl, principal.getId());
         
         // Create write ACL
         acl = new Acl();
         acl.setPerm(PermType.WRITE);
         acl.setSourceId(documentId);
         acl.setTargetId(principal.getId());
-        aclDao.create(acl);
+        aclDao.create(acl, principal.getId());
         
         // Update tags
         updateTagList(documentId, tagList);
@@ -570,7 +570,7 @@ public class DocumentResource extends BaseResource {
             document.setLanguage(language);
         }
         
-        document = documentDao.update(document);
+        document = documentDao.update(document, principal.getId());
         
         // Update tags
         updateTagList(id, tagList);
@@ -634,7 +634,7 @@ public class DocumentResource extends BaseResource {
         }
         
         // Delete the document
-        documentDao.delete(document.getId());
+        documentDao.delete(document.getId(), principal.getId());
         
         // Raise file deleted events
         for (File file : fileList) {

docs-web/src/main/java/com/sismics/docs/rest/resource/FileResource.java

@@ -145,7 +145,7 @@ public class FileResource extends BaseResource {
             file.setDocumentId(documentId);
             file.setMimeType(mimeType);
             file.setUserId(principal.getId());
-            String fileId = fileDao.create(file);
+            String fileId = fileDao.create(file, principal.getId());
             
             // Guess the mime type a second time, for open document format (first detected as simple ZIP file)
             file.setMimeType(MimeTypeUtil.guessOpenDocumentFormat(file, fileInputStream));
@@ -362,7 +362,7 @@ public class FileResource extends BaseResource {
         }
         
         // Delete the file
-        fileDao.delete(file.getId());
+        fileDao.delete(file.getId(), principal.getId());
         
         // Update the user quota
         UserDao userDao = new UserDao();

docs-web/src/main/java/com/sismics/docs/rest/resource/ShareResource.java

@@ -69,7 +69,7 @@ public class ShareResource extends BaseResource {
         acl.setSourceId(documentId);
         acl.setPerm(PermType.READ);
         acl.setTargetId(share.getId());
-        aclDao.create(acl);
+        aclDao.create(acl, principal.getId());
 
         // Returns the created ACL
         JsonObjectBuilder response = Json.createObjectBuilder()

docs-web/src/main/java/com/sismics/docs/rest/resource/TagResource.java

@@ -137,7 +137,7 @@ public class TagResource extends BaseResource {
         tag.setColor(color);
         tag.setUserId(principal.getId());
         tag.setParentId(parentId);
-        String id = tagDao.create(tag);
+        String id = tagDao.create(tag, principal.getId());
         
         JsonObjectBuilder response = Json.createObjectBuilder()
                 .add("id", id);
@@ -203,7 +203,7 @@ public class TagResource extends BaseResource {
         // Parent tag is always updated to have the possibility to delete it
         tag.setParentId(parentId);
         
-        tagDao.update(tag);
+        tagDao.update(tag, principal.getId());
         
         JsonObjectBuilder response = Json.createObjectBuilder()
                 .add("id", id);
@@ -232,7 +232,7 @@ public class TagResource extends BaseResource {
         }
         
         // Delete the tag
-        tagDao.delete(tagId);
+        tagDao.delete(tagId, principal.getId());
         
         // Always return OK
         JsonObjectBuilder response = Json.createObjectBuilder()

docs-web/src/main/java/com/sismics/docs/rest/resource/UserResource.java

@@ -105,7 +105,7 @@ public class UserResource extends BaseResource {
         // Create the user
         UserDao userDao = new UserDao();
         try {
-            userDao.create(user);
+            userDao.create(user, principal.getId());
         } catch (Exception e) {
             if ("AlreadyExistingUsername".equals(e.getMessage())) {
                 throw new ServerException("AlreadyExistingUsername", "Login already used", e);
@@ -145,12 +145,12 @@ public class UserResource extends BaseResource {
         if (email != null) {
             user.setEmail(email);
         }
-        user = userDao.update(user);
+        user = userDao.update(user, principal.getId());
         
         // Change the password
         if (StringUtils.isNotBlank(password)) {
             user.setPassword(password);
-            userDao.updatePassword(user);
+            userDao.updatePassword(user, principal.getId());
         }
         
         // Always return OK
@@ -198,12 +198,12 @@ public class UserResource extends BaseResource {
             Long storageQuota = ValidationUtil.validateLong(storageQuotaStr, "storage_quota");
             user.setStorageQuota(storageQuota);
         }
-        user = userDao.update(user);
+        user = userDao.update(user, principal.getId());
         
         // Change the password
         if (StringUtils.isNotBlank(password)) {
             user.setPassword(password);
-            userDao.updatePassword(user);
+            userDao.updatePassword(user, principal.getId());
         }
         
         // Always return OK
@@ -356,7 +356,7 @@ public class UserResource extends BaseResource {
         
         // Delete the user
         UserDao userDao = new UserDao();
-        userDao.delete(principal.getName());
+        userDao.delete(principal.getName(), principal.getId());
         
         // Raise deleted events for documents
         for (Document document : documentList) {
@@ -413,7 +413,7 @@ public class UserResource extends BaseResource {
         List<File> fileList = fileDao.findByUserId(user.getId());
         
         // Delete the user
-        userDao.delete(user.getUsername());
+        userDao.delete(user.getUsername(), principal.getId());
         
         // Raise deleted events for documents
         for (Document document : documentList) {

docs-web/src/main/webapp/src/partial/docs/directive.auditlog.html

@@ -1,6 +1,12 @@
 <table class="table">
   <tr ng-repeat="log in logs">
-    <td>{{ log.create_date | date: 'yyyy-MM-dd HH:mm' }}</td>
+    <td width="20%">{{ log.create_date | date: 'yyyy-MM-dd HH:mm' }}</td>
+    <td width="20%">
+      <a ng-href="#/user/{{ log.username }}">
+        <span class="glyphicon glyphicon-user"></span>
+        {{ log.username }}
+      </a>
+    </td>
     <td>
       {{ log.class }}
           <span ng-switch="log.type">

docs-web/src/main/webapp/src/partial/docs/document.view.html

@@ -36,7 +36,8 @@
 	
 	<div class="page-header">
 	  <h1>
-      {{ document.title }} <small>{{ document.create_date | date: 'yyyy-MM-dd' }} by {{ document.creator }}</small>
+      {{ document.title }} <small>{{ document.create_date | date: 'yyyy-MM-dd' }}
+      by <a href="#/user/{{ document.creator }}">{{ document.creator }}</a></small>
       <img ng-if="document" ng-src="img/flag/{{ document.language }}.png" title="{{ document.language }}" />
     </h1>
 

docs-web/src/test/java/com/sismics/docs/rest/TestAuditLogResource.java

@@ -59,13 +59,25 @@ public class TestAuditLogResource extends BaseJerseyTest {
                 .get(JsonObject.class);
         JsonArray logs = json.getJsonArray("logs");
         Assert.assertTrue(logs.size() == 3);
+        Assert.assertEquals(countByClass(logs, "Document"), 1);
+        Assert.assertEquals(countByClass(logs, "Acl"), 2);
+        Assert.assertEquals("auditlog1", logs.getJsonObject(0).getString("username"));
+        Assert.assertNotNull(logs.getJsonObject(0).getString("id"));
+        Assert.assertNotNull(logs.getJsonObject(0).getString("target"));
+        Assert.assertNotNull(logs.getJsonObject(0).getString("type"));
+        Assert.assertNotNull(logs.getJsonObject(0).getString("message"));
+        Assert.assertNotNull(logs.getJsonObject(0).getJsonNumber("create_date"));
+        Assert.assertEquals("auditlog1", logs.getJsonObject(1).getString("username"));
+        Assert.assertEquals("auditlog1", logs.getJsonObject(2).getString("username"));
         
         // Get all logs for the current user
         json = target().path("/auditlog").request()
                 .cookie(TokenBasedSecurityFilter.COOKIE_NAME, auditlog1Token)
                 .get(JsonObject.class);
         logs = json.getJsonArray("logs");
-        Assert.assertTrue(logs.size() == 3);
+        Assert.assertTrue(logs.size() == 2);
+        Assert.assertEquals(countByClass(logs, "Document"), 1);
+        Assert.assertEquals(countByClass(logs, "Tag"), 1);
         
         // Deletes a tag
         json = target().path("/tag/" + tag1Id).request()
@@ -78,6 +90,25 @@ public class TestAuditLogResource extends BaseJerseyTest {
                 .cookie(TokenBasedSecurityFilter.COOKIE_NAME, auditlog1Token)
                 .get(JsonObject.class);
         logs = json.getJsonArray("logs");
-        Assert.assertTrue(logs.size() == 4);
+        Assert.assertTrue(logs.size() == 3);
+        Assert.assertEquals(countByClass(logs, "Document"), 1);
+        Assert.assertEquals(countByClass(logs, "Tag"), 2);
+    }
+    
+    /**
+     * Count logs by class.
+     * 
+     * @param logs Logs
+     * @param clazz Class
+     * @return Count by class
+     */
+    private int countByClass(JsonArray logs, String clazz) {
+        int count = 0;
+        for (int i = 0; i < logs.size(); i++) {
+            if (logs.getJsonObject(i).getString("class").equals(clazz)) {
+                count++;
+            }
+        }
+        return count;
     }
 }